Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/68B37622ED0711EBA8904D13C4F9AE02.roa
File: 68B37622ED0711EBA8904D13C4F9AE02.roa (raw, json)
Hash identifier: huA8Z5cAW/Txr6r/bEBl8JkQL9Vuju18j/gN5EKxmqU=
Subject key identifier: 46:81:49:BA:A0:B3:F7:86:EF:C8:F6:F1:EA:91:1D:A7:0C:32:C4:1A
Certificate issuer: /CN=A918DB4E/serialNumber=42758DE0CC0CF62C2AEEE93E0EEE67903A502CCC
Certificate serial: 0ADF
Authority key identifier: 42:75:8D:E0:CC:0C:F6:2C:2A:EE:E9:3E:0E:EE:67:90:3A:50:2C:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QnWN4MwM9iwq7uk-Du5nkDpQLMw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/68B37622ED0711EBA8904D13C4F9AE02.roa
Signing time: Thu 06 Jul 2023 19:16:23 +0000
ROA not before: Thu 06 Jul 2023 19:16:23 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 3
IP address blocks: 103.116.90.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2783 (0xadf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918DB4E/serialNumber=42758DE0CC0CF62C2AEEE93E0EEE67903A502CCC
Validity
Not Before: Jul 6 19:16:23 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64a71307-a857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:90:d4:96:bf:4f:c8:db:ab:fc:a6:de:df:c5:
c6:b6:b9:c2:7b:51:2a:11:bd:58:e4:df:d5:ff:02:
4d:e6:d9:e1:bd:0a:fd:35:b1:37:f7:77:32:8f:d4:
51:7c:01:72:e1:54:42:0e:d5:11:24:08:2f:53:ff:
bf:ab:ad:21:b4:63:22:49:79:9d:57:31:0e:ca:c6:
5a:9d:13:a9:b9:61:bf:76:79:80:ab:41:4e:83:9b:
45:d3:36:3a:25:13:ce:04:08:ba:cb:98:7f:8d:92:
9a:73:08:1d:8b:04:df:5d:90:5b:d6:32:a4:dd:5a:
ff:30:7a:38:8e:ea:92:3a:2f:c6:89:d8:65:b4:14:
fd:bb:bc:c6:4e:f9:c4:f5:b4:95:f0:d5:61:ff:49:
b3:31:e5:17:c3:38:98:52:ac:79:10:e8:ad:b4:59:
d1:c9:19:7c:85:eb:5f:79:0d:7f:d2:3f:84:bf:df:
78:bb:de:6a:59:7d:57:ea:68:4e:2e:6b:a6:53:42:
98:fb:ee:17:7a:c3:b7:40:b6:3d:c9:ad:5e:ab:2e:
42:68:a5:cb:8a:b1:d1:82:76:27:f7:c3:e4:7a:ac:
47:ed:3b:1e:ef:32:ab:cb:64:fd:b8:43:33:13:c6:
8d:bc:67:98:df:86:38:c0:2d:f8:62:12:cc:00:78:
45:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:81:49:BA:A0:B3:F7:86:EF:C8:F6:F1:EA:91:1D:A7:0C:32:C4:1A
X509v3 Authority Key Identifier:
keyid:42:75:8D:E0:CC:0C:F6:2C:2A:EE:E9:3E:0E:EE:67:90:3A:50:2C:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/QnWN4MwM9iwq7uk-Du5nkDpQLMw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QnWN4MwM9iwq7uk-Du5nkDpQLMw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/68B37622ED0711EBA8904D13C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.116.90.0/24
Signature Algorithm: sha256WithRSAEncryption
32:be:5e:cb:c3:a9:f4:fe:24:10:eb:94:92:eb:9f:a1:d3:9d:
00:cd:83:63:2f:b9:6d:9c:86:bc:1c:d1:ef:c5:00:9b:e9:f0:
aa:5b:1a:f2:5b:6b:21:ae:a2:c2:a7:77:e9:8e:99:ef:43:e2:
3e:ec:f8:b1:80:c6:36:db:59:99:2d:d5:c4:d2:34:8d:61:f2:
f4:97:db:2a:91:fa:7f:9b:01:e4:51:8c:9d:a1:02:b0:e8:21:
19:92:ff:e2:b3:ce:0a:0b:94:c0:6e:c0:9b:20:52:a6:8b:5b:
3e:98:00:a3:c7:bf:d2:6c:ab:fd:d8:31:c0:c9:74:7e:cc:d6:
c4:00:18:3e:bf:42:3d:32:fc:29:71:84:9f:0a:e5:fb:61:ef:
77:74:88:8a:21:32:d2:69:7f:7a:b8:70:99:56:18:0b:4f:82:
f6:6b:11:d1:cb:33:ef:cf:89:6d:e9:cf:b9:0c:32:c6:41:df:
de:0b:15:46:ee:e9:f1:de:7a:44:96:cf:12:87:06:1c:cf:b4:
d0:da:b1:28:7e:a4:81:38:8b:a5:3a:e4:23:f8:a7:1d:05:28:
0c:dd:40:22:81:34:ca:15:00:55:8d:11:10:e8:6b:9a:eb:82:
97:f5:66:9f:42:d5:80:a0:3e:04:79:e5:74:d4:4b:f2:e9:76:
2e:9b:a4:58
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCt8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OERCNEUxMTAvBgNVBAUTKDQyNzU4REUwQ0MwQ0Y2MkMyQUVFRTkzRTBFRUU2Nzkw
M0E1MDJDQ0MwHhcNMjMwNzA2MTkxNjIzWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGE3MTMwNy1hODU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2pDUlr9PyNur/Kbe38XGtrnCe1EqEb1Y5N/V/wJN5tnhvQr9NbE393cyj9RR
fAFy4VRCDtURJAgvU/+/q60htGMiSXmdVzEOysZanROpuWG/dnmAq0FOg5tF0zY6
JRPOBAi6y5h/jZKacwgdiwTfXZBb1jKk3Vr/MHo4juqSOi/GidhltBT9u7zGTvnE
9bSV8NVh/0mzMeUXwziYUqx5EOittFnRyRl8hetfeQ1/0j+Ev994u95qWX1X6mhO
LmumU0KY++4XesO3QLY9ya1eqy5CaKXLirHRgnYn98PkeqxH7Tse7zKry2T9uEMz
E8aNvGeY34Y4wC34YhLMAHhFpwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEaBSbqg
s/eG78j28eqRHacMMsQaMB8GA1UdIwQYMBaAFEJ1jeDMDPYsKu7pPg7uZ5A6UCzM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4REI0RS83N0U3RjlBMDBD
RTUxMUVBQTIwREREODJDNEY5QUUwMi9RbldONE13TTlpd3E3dWstRHU1bmtEcFFM
TXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FuV040TXdNOWl3cTd1ay1EdTVua0RwUUxNdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OERCNEUvNzdFN0Y5QTAwQ0U1MTFFQUEyMERERDgyQzRGOUFFMDIvNjhCMzc2MjJF
RDA3MTFFQkE4OTA0RDEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABndFowDQYJKoZIhvcNAQELBQADggEBADK+XsvDqfT+JBDr
lJLrn6HTnQDNg2MvuW2chrwc0e/FAJvp8KpbGvJbayGuosKnd+mOme9D4j7s+LGA
xjbbWZkt1cTSNI1h8vSX2yqR+n+bAeRRjJ2hArDoIRmS/+KzzgoLlMBuwJsgUqaL
Wz6YAKPHv9Jsq/3YMcDJdH7M1sQAGD6/Qj0y/ClxhJ8K5fth73d0iIohMtJpf3q4
cJlWGAtPgvZrEdHLM+/PiW3pz7kMMsZB394LFUbu6fHeekSWzxKHBhzPtNDasSh+
pIE4i6U65CP4px0FKAzdQCKBNMoVAFWNERDoa5rrgpf1Zp9C1YCgPgR55XTUS/Lp
di6bpFg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:15 2024 by rpki-client on console-fra.rpki-client.org